Есть ли способ сделать аутентификацию с помощью скручивания против Exchange 2010 Outlook Web Access - PullRequest
0 голосов
/ 11 февраля 2019

Я создаю веб-портал, который требует аутентификации на основе Exchange 2010 Outlook Web Access с использованием curl, я нашел скрипт в Интернете, но если я использую правильный пароль или неверный пароль, он все равно сообщает об успешном входе в систему при выполнении кода php.

# !/usr/bin/php5
<?php
# OWA Login Check
# Written by Scott Milliken
# Modified by Chris Funderburg for Exchange 2007 - May 21, 2010
# Permission granted to use under the GPL

$username = "username";
$password = "password";
# You can just use the base URL for your default mailbox
# or you can add on to it to specify a group mailbox
# $mailboxURL = "https://email.mydomain.com" for default
# or for a shared NOC mailbox in the IT department... 
$mailboxURL = "https://youdomain/owa/";
$authURL = "https://yourdomain/owa/auth/logon.aspx?url=https://remote.vneonline.com/owa/&reason=0";

# First go to the URL that a user would use so that you can get your session cookie set

$pg = curl_init();

curl_setopt( $pg, CURLOPT_URL, $mailboxURL );
curl_setopt( $pg, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 5.01; Windows NT 5.0)" );
curl_setopt( $pg, CURLOPT_FOLLOWLOCATION, true );

# You need to define a cookie jar to store and retrieve
# the session cookies or this won't work
curl_setopt( $pg, CURLOPT_COOKIEJAR, "cookies.txt" );
curl_setopt( $pg, CURLOPT_COOKIEFILE, "cookies.txt" );
curl_setopt( $pg, CURLOPT_HEADER, false );
curl_setopt( $pg, CURLOPT_RETURNTRANSFER, true );

# Setting these to false is handy for checking multiple
# frontends that may share the same SSL cert, such as
# ones in a round robin DNS scheme, but you address
# them by the "real name" of the host
curl_setopt( $pg, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt( $pg, CURLOPT_SSL_VERIFYHOST, false );

# Set this to true for debugging
curl_setopt( $pg, CURLOPT_VERBOSE, false );

$response = curl_exec( $pg );
$info = curl_getinfo( $pg );

# Set the form data for posting the login information
$postData = array();
$postData["url"] = $mailboxURL;
$postData["reason"] = "0";
$postData["destination"] = $mailboxURL;
$postData["flags"] = "0";
$postData["username"] = $username;
$postData["password"] = $password;
$postData["SubmitCreds"] = "Log On";

$postText = "";

foreach( $postData as $key => $value ) {
$postText .= $key . "=" . $value . "&";
}

curl_setopt( $pg, CURLOPT_REFERER, $info["url"] );
curl_setopt( $pg, CURLOPT_URL, $authURL );
curl_setopt( $pg, CURLOPT_POST, true );
curl_setopt( $pg, CURLOPT_POSTFIELDS, $postText );

$response = curl_exec( $pg );

# At this point you can either print the following
# status to show the result of logging in, or you
# can make another call to the web server for the
# individual frames, such as
# $mailboxURL . "/Inbox/?Cmd=contents" will give you
# the listing of inbox headers (if you call curl again)

$info = curl_getinfo( $pg );

$needle = "Connected to Microsoft Exchange";
if ( strpos( $response, $needle ) )
printf( "OK - Logon to OWA successful.\n" );
else
printf( "Critical - Logon to OWA failed.\n" );

?>

Мне нужно иметь возможность проходить аутентификацию, используя curl php, работающий правильно.

Добро пожаловать на сайт PullRequest, где вы можете задавать вопросы и получать ответы от других членов сообщества.
...